1080500 – Satellite 6 allows import / upload of expired manifest without checking (should show error message and prevent upload)

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1080500 - Satellite 6 allows import / upload of expired manifest without checking (should show error message and prevent upload)

Summary: Satellite 6 allows import / upload of expired manifest without checking (shou...

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Subscription Management
Sub Component:
Version:	6.0.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	Unspecified
Assignee:	Tom McKay
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:	1297047
Blocks:	GSS_Sat6Beta_Tracker, GSS_Sat6_Tracker
TreeView+	depends on / blocked

Reported:	2014-03-25 14:36 UTC by Pavel Studeník
Modified:	2019-09-26 13:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1297047 (view as bug list)
Environment:
Last Closed:	2017-03-22 20:55:10 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
expired manifest (192.79 KB, application/zip) 2014-03-25 14:36 UTC, Pavel Studeník	no flags	Details
Manifest with expired entitlement (64.64 KB, application/zip) 2016-01-22 15:50 UTC, William Poteat	no flags	Details
View All

Description Pavel Studeník 2014-03-25 14:36:57 UTC

Created attachment 878490 [details]
expired manifest

Description of problem:
I upload expired manifest to an organization. And then I try to enable some Red Hat repository. I got internal error 'SecurityViolation'. I investigate what is wrong, but I didn't find information about expiration. Only error in log.


Version-Release number of selected component (if applicable):
katello-1.5.0-18.el6sat.noarch


How reproducible:
Always

Steps to Reproduce:
1. Create expired manifest
2. Upload manifesto to Katello
3. Enable some Red Hat repository

Actual results:
I got error "product Red Hat Enterprise Linux Desktop repositories import: SecurityViolation occurred when contacting CDN to fetch listing files" in log

Expected results:
Show some message about expired manifest

Additional info:

==> /var/log/foreman/production.log <==
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/providers/redhat/_repo_sets.haml (8829.2ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/providers/redhat/_tab.html.haml (12001.0ms)
Completed 200 OK in 13287ms (Views: 11756.6ms | ActiveRecord: 259.4ms)
Processing by Katello::ProductsController#refresh_content as */*
  Parameters: {"content_id"=>"829", "id"=>"47"}
 
product Red Hat Enterprise Linux Desktop repositories import: SecurityViolation occurred when contacting CDN to fetch listing files
/opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/lib/katello/resources/cdn.rb:105:in `rescue in get'
/opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/lib/katello/resources/cdn.rb:79:in `get'

Comment 1 RHEL Program Management 2014-03-25 14:42:56 UTC

Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 6 William Poteat 2016-01-22 15:50:49 UTC

Created attachment 1117271 [details]
Manifest with expired entitlement

This has a single entitlement which expires on Dec 14 2014. It will show the behavior.

Comment 9 Bryan Kearney 2016-08-04 20:16:19 UTC

Moving 6.2 bugs out to sat-backlog.

Comment 10 Bryan Kearney 2017-03-22 20:55:10 UTC

I do not believe this will be addressed in the next few releases, so I am closing this out. If you feel this was incorrect, please feel free to re-open with additional information.

Note You need to log in before you can comment on or make changes to this bug.